[SECURITY COUNCIL] rsETH DeFi incident and ETHx going forward

Background

On 18th April 2026, a DeFi-wide liquidity event occurred following an exploit involving rsETH. As a result, Aave paused WETH markets on Ethereum Mainnet and L2s, which subsequently impacted Superfluid’s ETHx on ETH Mainnet, Base, and Arbitrum One due to a recent yield backend configuration related to [SIP #9].

While the Aave market unfroze its ETH Mainnet within a week, the Base and Arbitrum markets remain frozen and uncertain to this day (11th May 2026).

During this period, affected ETHx upgrade/downgrade paths remain unfixed, as this was a known design choice during the audit. Without risking adding more fuel to the fire, the Security Council placed full confidence in Aave and DeFi as a whole to resolve it. It certainly tested everyone’s patience and exceeded my estimation of how long it would take for the market to fully reopen. Nonetheless, on 11th May 2026, we are pleased to announce that the Base and Arbitrum markets are fully back, and ETHx is also back to normal.

Instead of repeating the full history in this thread, I attach the relevant Aave forum posts for whoever wishes to relive this saga:

Going forward, I wish the DAO to vote on the ETHx yield-back continuation in its current form.

Vote Proposal

Knowing it is a design choice of the current code base, where ETHx, or USDCx for the same reason, may be frozen again should the underlying Aave or Spark markets experience a similar liquidity event, a DAO vote on the current form of the yield-back implementation is warranted.

There will be two separate DAO votes:

  • A simple YES or NO on whether we should continue the yield backend on ETHx, with its current code, across all networks.
  • A simple YES or NO on whether we should continue the yield backend on USDCx, with its current code, across all networks.

Note that such a design choice applies to all networks, hence no discrimination; however, ETH and USDC may have different liquidity backing, hence separate voting for ETHx and USDCx.

If the DAO votes NO, the security council shall disable all yield backends on the relevant assets across all networks, and the DAO will also stop receiving yield accrued from the underlying assets.

If the DAO votes YES, no action will be required.

Note that this proposal does not address whether we should further develop the codebase to work around the design choice. This can be left to a future proposal and work.

Call-to-action

Please discuss here, and the votes will be live after at least a week’s time.

9 Likes

Given the current DeFi landscape, we recommend not continuing with the yield backend from a more conservative standpoint.

In SIP-9, the rationale for deploying ETHx, USDCx, and similar assets to earn yield was not only the potential to generate revenue for the DAO, but also the perceived reliability of the contracts used to put those assets to work.

Over the past few months, the number of security incidents (such as Kelp’s) has surged. DeFi security is not in its strongest phase, and yields are extremely low on the other hand.

We believe the risk/reward of keeping funds on Aave or Spark does not justify it for the DAO: if those positions were compromised in some way, the consequences for the project could be severe.

5 Likes

Voting is live on Snapshot for 2 Constitutional proposals:

  • SIP #15: ETHx yield backend continuation
  • SIP #16: USDCx yield backend continuation

2 Likes

I have to agree with Blockful.

The risks of hacks are not appropriately priced on defi right now.. better to sit it out than earn 2% while risking losing it all.

In 6 months tho… hopefully we can re-assess.. it’s not a forever no, it’s a not right now no.

5 Likes

This is by no means my field of expertise, but I wanted to ask anyway…

Can anyone add a bit of insight on how grave it would, in fact, be for the Superfluid DAO if either ETHx or USDCx were to be frozen, compromised, slashed, …etc… due to for example another DeFi hack?

How large a percentage of the DAO’s funds are tied up in each of these two tokens?
And which daily DAO functions depend on each of them?

For example, in the case of the recent Kelp hack, it was clear that with ETHx being frozen, certain campaigns were inflicted (for one thing because users could not wrap ETH > ETHx, which meant that donation streams might have to be stopped), and user trust was potentially at risk (because it was uncertain if/when ETHx could be ‘redeemed’ as ETH again). Furthermore, it was not possible to add ETHx funds to liquidity pools, and existing liquidity providers would not be able to withdraw and sell SUP/ETH that had been working for 6 months.

These are just examples of ‘risk’ that I observed myself - my question is if you can add more concrete examples (for general users like me) of what is at risk here, and maybe also any thoughts you have on the likelihood of Aave or Spark funds being hit by a devastating hack again - is the likelihood the same for both?

Thanks!

2 Likes

It seems like this proposal is not passing this time. What if we have diversified yield sources and a ready-to-use basic reserve pool in terms of percentage of total ETHx issued? This doesn’t remove all the risk but seems to have less damage in case of exploit which we have if we use single protocol.
When TVL grows significantly it definitely becomes reasonable to think about idle ETH which can do some work. So there comes a hard part, the sources and allocation.

I think ETH native staking looks pretty safe, if other suitable yield sources are not at higher APY, we can go for native staking.

1 Like

Can anyone add a bit of insight on how grave it would, in fact, be for the Superfluid DAO if either ETHx or USDCx were to be frozen, compromised, slashed, …etc… due to for example another DeFi hack?

Obviously, we can’t predict the future. What I can say is that one reason I chose the largest DeFi platforms as a yield backend, such as Aave, is their “too-big-to-fail” status. Unfortunately, we had to test its empirical validity. But luckily, https://defiunited.world/ was a success, even though the whole process took longer than I had hoped for.

So, without evidence otherwise, I stand by my reasoning of choosing the biggest DeFi app.

I have less of that strong conviction re: Spark, purely because of the TVL aspect; however, the DAO has approved that choice too.

There is still a subtle difference re: ETH and USDC: With ETH, in general, no network can censor its movement. However, Arbitrum took a controversial action by censoring the hacker’s action through its security council. Its implications we will see in the future. With USDC, it’s well known that Circle holds the admin key and has more options to prevent hackers from profiting from others’ misery.

How large a percentage of the DAO’s funds are tied up in each of these two tokens?
And which daily DAO functions depend on each of them?

Currently, DAO funds are not in USDCx or ETHx. Our funds are largely in SUP/WETH and SUP/USDC LP positions.

2 Likes

Thank you for presenting this clearly. Separating ETHx and USDCx into distinct votes makes sense given their different liquidity backing, while keeping the design choice consistent across all networks. I appreciate that the scope is limited to a simple YES/NO on continuing the current implementation, leaving future codebase improvements for another proposal. This clarity should help the DAO make an informed decision and ensures that any action taken by the security council is straightforward.

very gooood!!! very niceee

Update on voting for proposals SIP #15 and SIP #16:

  • Voting period has ended
  • Neither proposal passed the minimum number of votes required for quorum
  • No action resulting from these proposals